Month: August 2024
Aug 14, 2024Ravie LakshmananMalware / Network Security An ongoing social engineering campaign with alleged links to the Black Basta ransomware group has been linked to “multiple intrusion attempts” with the goal of conducting credential theft and deploying a malware dropper called SystemBC. “The initial lure being utilized by the threat actors remains the same: an…
Read More
Google Cloud partners discuss the impact of the landmark court ruling that found Google to be a monopoly in the online search market as well as potential penalties around AI and data sharing. As the U.S. Department of Justice looks at ways to deal with Google after a landmark court ruling found the $85 billion…
Read More
“There are at least two more confirmed CVEs that have yet to be patched, (both of) which lead to full NTLM [Network Trust Level Manager] compromise, so the risk is still there,” Gorelik told CSO Online on Wednesday. The hole, which Microsoft has dubbed CVE-2024-38173, allows any email malware to be activated without the recipient…
Read More
Service Express, ECS, GuidePoint Security, Autodesk, HPE and SpaceX’s Starlink business are among the companies to list open positions for channel-related roles in August. This month, Service Express, ECS and GuidePoint Security are among the solution providers to list open positions while Autodesk, Hewlett Packard Enterprise and SpaceX are among the vendors to list open…
Read MoreTexas Sues GM for Collecting Driving Data without Consent Texas is suing General Motors for collecting driver data without consent and then selling it to insurance companies: From CNN: In car models from 2015 and later, the Detroit-based car manufacturer allegedly used technology to “collect, record, analyze, and transmit highly detailed driving data about each…
Read More
Hackers targeted AutoCanada in a cyberattack last Sunday that impacted the automobile dealership group’s internal IT systems, which may lead to disruptions. The company says that it took action immediately after detecting the incident to protect its network and data. External cybersecurity experts have been contracted to help with containment and remediation efforts. The investigation…
Read More
An investigation dating back almost ten years has seen the extradition this week to the United States of a man suspected to be the head of one the world’s most prolific Russian-speaking cybercriminal gangs. The UK’s National Crime Agency (NCA) says it has been investigating a cybercriminal using the online handle “J P Morgan” since…
Read MoreUpcoming Speaking Engagements This is a current list of where and when I am scheduled to speak: I’m speaking at eCrime 2024 in Boston, Massachusetts, USA. The event runs from September 24 through 26, 2024, and my keynote is on the 24th. The list is maintained on this page. Tags: Schneier news Posted on August…
Read MoreIvanti Releases Security Updates for Avalanche, Neurons for ITSM, and Virtual Traffic Manager | CISA
Ivanti released security updates to address multiple vulnerabilities in Ivanti Avalanche, Neurons for ITSM, and Virtual Traffic Manager (vTM). A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Ivanti advises users to reduce their attack surface and follow industry best practices by adhering to Ivanti’s network configuration…
Read MoreAdobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates: Security Update Available for Adobe Illustrator | APSB24-45 Security…
Read More